package gruppe7.data;

import gruppe7.db.DBAccess;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

public class DBUserProvider implements UserProvider {

    public void addUser(User newUser, PasswordHash hash) throws UserException, ProviderException {
        try {
            int type = 1;
            if(newUser.getType() == User.Type.TYPE_ADMIN)type = 0;
            Connection conn = DBAccess.getInstance().getConnection();
            String sql = "INSERT INTO `tlrs`.`users` ("
                    + "`userrole` ,"
                    + "`username` ,"
                    + "`password`) "
                    + "VALUES (? , ? , ?);";
            PreparedStatement stmt = conn.prepareStatement(sql);
            stmt.setInt(1,type);
            stmt.setString(2, newUser.getUsername());
            stmt.setString(3, hash.getHash());
            stmt.execute();
        } catch (Exception e) {

            e.printStackTrace();

        }
    }

    public User authenticateUser(String username, PasswordHash hash) throws UserException, ProviderException {
        User user = null;
        try {
            Connection conn = DBAccess.getInstance().getConnection();
            String sql = "SELECT * FROM users WHERE userName = ? AND password = ?";
            PreparedStatement stmt = conn.prepareStatement(sql);
            stmt.setString(1, username);
            stmt.setString(2, hash.getHash());
            ResultSet rs = stmt.executeQuery();
            String uName;
            User.Type t;
            int userID;

            while (rs.next()) {
                uName = rs.getString("username");
                t = User.Type.values()[rs.getInt("userrole")];
                userID = rs.getInt("userid");
                user = new User(uName, t, userID);
            }

            rs.close();
            conn.close();
            if (user == null)
            {
                throw new UserException("false");
            }
            return user;
        } catch (Exception e) {
            e.printStackTrace();
            throw new UserException(e);
        }
    }

    public Float getBalance(String userName) throws UserException {
        try {
            Connection conn = DBAccess.getInstance().getConnection();
            String sql = "SELECT * FROM users WHERE userName = ?";

            PreparedStatement stmt = conn.prepareStatement(sql);
            stmt.setString(1, userName);
            ResultSet rs = stmt.executeQuery();
            float balance = 0;
            while (rs.next()) {
                balance = rs.getFloat("account");
            }

            rs.close();
            conn.close();
            return balance;



        } catch (Exception e) {
            e.printStackTrace();
            throw new UserException(e);
        }
    }

    public boolean updateBalance(float value, String userName) {
        boolean validated = false;

        try {
            float oldBalance = getBalance(userName);

            Connection conn = DBAccess.getInstance().getConnection();
            String sql = " UPDATE users SET account = ? WHERE username = ?";
            PreparedStatement stmt = conn.prepareStatement(sql);

            if (oldBalance + value > 0) {
                stmt.setFloat(1, oldBalance + value);
                validated = true;
            } else {
                stmt.setFloat(1, oldBalance);
            }
            stmt.setString(2, userName);
            stmt.execute();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return validated;
    }
}
